From 91d16023d91ea21a5e58722c751485a0b9bbeeb3 Mon Sep 17 00:00:00 2001 From: KomachiSion <263976490@qq.com> Date: Thu, 14 Jan 2021 20:55:55 +0800 Subject: [PATCH] Fix #4701 --- .../alibaba/nacos/console/config/ConsoleConfig.java | 3 ++- console/src/main/resources/application.properties | 7 +++++++ .../com/alibaba/nacos/core/auth/AuthFilter.java | 4 +++- .../nacos/core/code/ControllerMethodsCache.java | 13 +++++++------ 4 files changed, 19 insertions(+), 8 deletions(-) diff --git a/console/src/main/java/com/alibaba/nacos/console/config/ConsoleConfig.java b/console/src/main/java/com/alibaba/nacos/console/config/ConsoleConfig.java index 5d282bb4875..ea9258c608b 100644 --- a/console/src/main/java/com/alibaba/nacos/console/config/ConsoleConfig.java +++ b/console/src/main/java/com/alibaba/nacos/console/config/ConsoleConfig.java @@ -50,9 +50,10 @@ public class ConsoleConfig { */ @PostConstruct public void init() { + methodsCache.initClassMethod("com.alibaba.nacos.core.controller"); methodsCache.initClassMethod("com.alibaba.nacos.naming.controllers"); - methodsCache.initClassMethod("com.alibaba.nacos.console.controller"); methodsCache.initClassMethod("com.alibaba.nacos.config.server.controller"); + methodsCache.initClassMethod("com.alibaba.nacos.console.controller"); } @Bean diff --git a/console/src/main/resources/application.properties b/console/src/main/resources/application.properties index d78a5900c0d..42a8d051d65 100644 --- a/console/src/main/resources/application.properties +++ b/console/src/main/resources/application.properties @@ -126,6 +126,13 @@ nacos.core.auth.default.token.secret.key=SecretKey012345678901234567890123456789 ### Turn on/off caching of auth information. By turning on this switch, the update of auth information would have a 15 seconds delay. nacos.core.auth.caching.enabled=true +### Since 1.4.1, Turn on/off white auth for user-agent: nacos-server, only for upgrade from old version. +nacos.core.auth.enable.userAgentAuthWhite=false + +### Since 1.4.1, worked when nacos.core.auth.enabled=true and nacos.core.auth.enable.userAgentAuthWhite=false. +### The two properties is the white list for auth and used by identity the request from other server. +nacos.core.auth.server.identity.key=serverIdentity +nacos.core.auth.server.identity.value=security #*************** Istio Related Configurations ***************# ### If turn on the MCP server: diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/AuthFilter.java b/core/src/main/java/com/alibaba/nacos/core/auth/AuthFilter.java index 3a3f5a7ebda..73481f9066e 100644 --- a/core/src/main/java/com/alibaba/nacos/core/auth/AuthFilter.java +++ b/core/src/main/java/com/alibaba/nacos/core/auth/AuthFilter.java @@ -100,7 +100,9 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha Method method = methodsCache.getMethod(req); if (method == null) { - chain.doFilter(request, response); + // For #4701, Only support register API. + resp.sendError(HttpServletResponse.SC_NOT_FOUND, + "Not found mehtod for path " + req.getMethod() + " " + req.getRequestURI()); return; } diff --git a/core/src/main/java/com/alibaba/nacos/core/code/ControllerMethodsCache.java b/core/src/main/java/com/alibaba/nacos/core/code/ControllerMethodsCache.java index e619a3fc7bd..9aa29f5552d 100644 --- a/core/src/main/java/com/alibaba/nacos/core/code/ControllerMethodsCache.java +++ b/core/src/main/java/com/alibaba/nacos/core/code/ControllerMethodsCache.java @@ -16,6 +16,8 @@ package com.alibaba.nacos.core.code; +import com.alibaba.nacos.api.exception.NacosException; +import com.alibaba.nacos.api.exception.runtime.NacosRuntimeException; import com.alibaba.nacos.common.utils.CollectionUtils; import com.alibaba.nacos.core.auth.RequestMappingInfo; import com.alibaba.nacos.core.auth.RequestMappingInfo.RequestMappingInfoComparator; @@ -65,9 +67,6 @@ public class ControllerMethodsCache { public Method getMethod(HttpServletRequest request) { String path = getPath(request); - if (path == null) { - return null; - } String httpMethod = request.getMethod(); String urlKey = httpMethod + REQUEST_PATH_SEPARATOR + path.replaceFirst(EnvUtil.getContextPath(), ""); List requestMappingInfos = urlLookup.get(urlKey); @@ -94,13 +93,12 @@ public Method getMethod(HttpServletRequest request) { } private String getPath(HttpServletRequest request) { - String path = null; try { - path = new URI(request.getRequestURI()).getPath(); + return new URI(request.getRequestURI()).getPath(); } catch (URISyntaxException e) { LOGGER.error("parse request to path error", e); + throw new NacosRuntimeException(NacosException.NOT_FOUND, "Invalid URI"); } - return path; } private List findMatchedInfo(List requestMappingInfos, @@ -219,6 +217,9 @@ private void addUrlAndMethodRelation(String urlKey, String[] requestParam, Metho if (requestMappingInfos == null) { urlLookup.putIfAbsent(urlKey, new ArrayList<>()); requestMappingInfos = urlLookup.get(urlKey); + // For issue #4701. + String urlKeyBackup = urlKey + "/"; + urlLookup.putIfAbsent(urlKeyBackup, requestMappingInfos); } requestMappingInfos.add(requestMappingInfo); methods.put(requestMappingInfo, method);